Lucene search

K
oraclelinuxOracleLinuxELSA-2019-1481
HistoryJun 18, 2019 - 12:00 a.m.

kernel security update

2019-06-1800:00:00
linux.oracle.com
564

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.974 High

EPSS

Percentile

99.9%

[3.10.0-957.21.3.OL7]

  • Oracle Linux certificates (Alexey Petrenko)
  • Oracle Linux RHCK Module Signing Key was compiled into kernel (olkmod_signing_key.x509)([email protected])
  • Update x509.genkey [bug 24817676]
    [3.10.0-957.21.3]
  • [net] tcp: enforce tcp_min_snd_mss in tcp_mtu_probing() (Florian Westphal) [1719914 1719915] {CVE-2019-11479}
  • [net] tcp: add tcp_min_snd_mss sysctl (Florian Westphal) [1719914 1719915] {CVE-2019-11479}
  • [net] tcp: tcp_fragment() should apply sane memory limits (Florian Westphal) [1719849 1719850] {CVE-2019-11478}
  • [net] tcp: limit payload size of sacked skbs (Florian Westphal) [1719594 1719595] {CVE-2019-11477}
  • [net] tcp: pass previous skb to tcp_shifted_skb() (Florian Westphal) [1719594 1719595] {CVE-2019-11477}

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.974 High

EPSS

Percentile

99.9%